Featured Articles

LG G Watch R ships in two weeks

LG G Watch R ships in two weeks

The LG G Watch R, the first Android Wear watch with a truly round face, is coming soon and judging by…

More...
LG unveils NUCLUN big.LITTLE SoC

LG unveils NUCLUN big.LITTLE SoC

LG has officially announced its first smartphone SoC, the NUCLUN, formerly known as the Odin.

More...
Microsoft moves 2.4 million Xbox Ones

Microsoft moves 2.4 million Xbox Ones

Microsoft has announced that it move 2.4 million consoles in fiscal year 2015 Q1. The announcement came with the latest financial…

More...
Gainward GTX 970 Phantom previewed

Gainward GTX 970 Phantom previewed

Nvidia has released two new graphics cards based on its latest Maxwell GPU architecture. The Geforce GTX 970 and Geforce GTX…

More...
EVGA GTX 970 SC ACX 2.0 reviewed

EVGA GTX 970 SC ACX 2.0 reviewed

Nvidia has released two new graphics cards based on its latest Maxwell GPU architecture. The Geforce GTX 970 and Geforce GTX…

More...
Frontpage Slideshow | Copyright © 2006-2010 orks, a business unit of Nuevvo Webware Ltd.
Friday, 07 June 2013 09:10

Android malware proves nasty

Written by Nick Farrell

Obad news

Android has been hit by a nasty new malicious program dubbed Obad which exploits glitches in Google’s mobile operating system. Kaspersky Lab’s research blog, malware researcher Roman Unuchek called the newly discovered Trojan the “most sophisticated” malicious program yet detected that works with Android phones. He said that the Trojan had advanced features, including complex obfuscation techniques.

This made it difficult to look at the code. It also uses a previously unknown vulnerability in Android that allowed it to take control of and maintain a foothold on infected Android devices. Kaspersky has contacted Google regarding the malware and the alleged vulnerabilities in Android. The malware, dubbed Backdoor.AndroidOS.Obad.a, is described as a “multi function Trojan.” It is an SMS Trojan, whichsends short message service (SMS) messages to premium numbers. SMS Trojans are the most common form of mobile malware.

According to the report, the Obad authors discovered and exploited a previously unknown vulnerability in the Android OS relating to how Android processes a file called AndroidManifest.xml, a standard component of all applications that describes the application’s structure and operation to the operating system. According to Kaspersky, Obad ”modifies AndroidManifest.xml in such a way that it does not comply with Google standards, but is still correctly processed on a smartphone.”

A second vulnerability allowed Obad’s authors to obtain extended Device Administrator privileges on infected devices, without appearing on the list of applications which have such privileges. As a result, Unuchek said that it wasn’t possible to delete Obad from the infected Android device after it gained the extended privileges.

Obad malware collects a wealth of information from the device, which is passed back to Internet-based command and control (C&C) servers, Kaspsersky said.

blog comments powered by Disqus

 

Facebook activity

Latest Commented Articles

Recent Comments